Hey everyone — wanted to share something I’ve been building for agent-heavy workflows.
The problem: LLM tools and scripts still nudge people toward .env files and copy-pasted secrets. That’s fragile, easy to leak in commits, and a pain to rotate.
q-ring is a small CLI + MCP server that stores secrets in the OS-native vault (macOS Keychain, Linux Secret Service, Windows Credential Manager) instead of plaintext env files. It’s aimed at Cursor, Claude Code, and similar setups where you want agents to get/list/set secrets through MCP without dumping values into chat or disk.
Why it’s fun to use with Cursor:
-
44 MCP tools for secret lifecycle, validation, scanning, audit-oriented flows, etc.
-
“Quantum” mechanics as real features: multi-env superposition, linked entanglement across projects, ephemeral tunneling, encrypted teleport bundles — not just marketing names.
Quick MCP config (Cursor):
{
"mcpServers": {
"q-ring": {
"command": "qring-mcp"
}
}
}
Install (global): pnpm add -g @i4ctime/q-ring (or npm/yarn).
Links
-
Docs / CLI + MCP cookbook: https://i4ctime.github.io/quantum_ring/docs
-
Package on npm is
@i4ctime/q-ring(search in the npm site if you need the page — I’m out of link slots
).
AGPL-3.0 — feedback, issues, and “this broke my flow” reports welcome. If you try it in Cursor, I’d love to hear what MCP tools you actually use day-to-day.